Predictable Initial Sequence Numbers in Symantec Raptor and Enterprise Firewalls
CVE-2002-1463

Currently unrated

Key Information:

Vendor: Symantec
Status: Enterprise Firewall; Velociraptor; Raptor Firewall
Vendor: CVE Published:; 9 June 2003

Summary

The vulnerability in Symantec Raptor Firewall and Enterprise Firewall arises from the generation of easily predictable initial sequence numbers (ISN) in TCP connections. This flaw can be exploited by remote attackers, enabling them to spoof connections, potentially allowing unauthorized access or disrupting legitimate network communications. The affected versions include multiple releases across Symantec's Raptor and Enterprise Firewall products, highlighting a significant risk for organizations relying on these firewalls for network security.

References

http://archives.neohapsis.com/archives/bugtraq/2002-07/04...

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/5387

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/12836

vdb-entryx_refsource_XF

EPSS Score

9% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 9, 2003
Vulnerability Reserved
Feb 5, 2003